CWE-820 - Missing Synchronization

CWE-820

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Missing Synchronization

Description: The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
If access to a shared resource is not synchronized, then the resource may not be in a state that is expected by the product. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.

Common Consequences: Scope: Integrity, Confidentiality, Other
Impact: Modify Application Data, Read Application Data, Alter Execution Logic

Related Weaknesses: CWE-662Improper Synchronization

Release Date:
2010-09-27

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard